ALIYUN::WAF::DomainConfig类型用于添加域名配置信息。

语法

{
  "Type": "ALIYUN::WAF::DomainConfig",
  "Properties": {
    "HttpToUserIp": Integer,
    "Domain": String,
    "SourceIps": String,
    "InstanceId": String,
    "Region": String,
    "HttpPort": String,
    "LoadBalancing": Integer,
    "HttpsPort": String,
    "RsType": Integer,
    "IsAccessProduct": Integer,
    "HttpsRedirect": Integer,
    "Protocols": String
  }
}

属性

属性名称 类型 必须 允许更新 描述 约束
HttpToUserIp Integer 是否开启HTTPS访问请求通过HTTP协议转发回源站。
说明 如果您的网站不支持HTTPS回源,开启HTTP回源(默认回源端口是80端口)功能项,即可通过WAF实现HTTPS访问。
取值范围:
  • 0:关闭。
  • 1:开启。

默认值:0。

Domain String 域名名称。 无。
SourceIps String 源站IP,支持指定多个IP。示例:["1.1.1.1", "10.0.0.0"] 无。
InstanceId String Web应用防火墙实例ID。 无。
Region String Web应用防火墙实例所在的地域。 取值范围:
  • cn:中国大陆地区。
  • cn-hongkong:海外地区。

默认值:cn。

HttpPort String HTTP协议配置的端口。指定多个HTTP端口时,使用“,”进行分隔。示例值:[80, 8000] 配置协议为HTTP时,该参数为必填项。默认值为80。HttpPort与HttpsPort两个请求参数至少需要填一个。
LoadBalancing Integer 回源负载均衡策略。 取值范围:
  • 0:IP Hash方式。
  • 1:轮询方式。
HttpsPort String HTTPS协议配置的端口。指定多个HTTPS端口时,使用“,”进行分隔。示例值:[443] 配置协议为HTTPS时,该参数为必填项。默认值为443。HttpPort与HttpsPort两个请求参数至少需要填一个。
RsType Integer 该域名的回源地址类型。 取值范围:
  • 0:回源到IP。
  • 1:回源到域名。
IsAccessProduct Integer 该域名在WAF前是否配置有七层代理(例如,高防、CDN等)。 取值范围:
  • 0:表示无。
  • 1:表示有。
HttpsRedirect Integer 是否开启HTTPS强制跳转。 取值范围:
  • 0:表示关闭 。
  • 1:表示开启。

默认值:0。

仅使用HTTPS访问协议时需填写该请求参数。开启强制跳转后HTTP请求将显示为HTTPS,默认跳转至443端口。
Protocols String 该域名所支持的访问协议。 取值范围:
  • http:支持HTTP协议。
  • https:支持HTTPS协议。
  • http,https:同时支持HTTP、HTTPS协议。

返回值

Fn::GetAtt

  • ProtocolType:支持的访问协议。0表示支持HTTP协议,1表示支持HTTPS协议,2表示同时支持HTTP和HTTPS。
  • Cname:WAF分配的别名。

示例

JSON格式

{
  "ROSTemplateFormatVersion": "2015-09-01",
  "Resources": {
    "DomainConfig": {
      "Type": "ALIYUN::WAF::DomainConfig",
      "Properties": {
        "HttpToUserIp": {
          "Ref": "HttpToUserIp"
        },
        "Domain": {
          "Ref": "Domain"
        },
        "SourceIps": {
          "Ref": "SourceIps"
        },
        "InstanceId": {
          "Ref": "InstanceId"
        },
        "Region": {
          "Ref": "Region"
        },
        "HttpPort": {
          "Ref": "HttpPort"
        },
        "LoadBalancing": {
          "Ref": "LoadBalancing"
        },
        "HttpsPort": {
          "Ref": "HttpsPort"
        },
        "RsType": {
          "Ref": "RsType"
        },
        "IsAccessProduct": {
          "Ref": "IsAccessProduct"
        },
        "HttpsRedirect": {
          "Ref": "HttpsRedirect"
        },
        "Protocols": {
          "Ref": "Protocols"
        }
      }
    }
  },
  "Parameters": {
    "HttpToUserIp": {
      "Type": "Number",
      "Description": "Whether to open HTTPS access request is forwarded back to the source station via the HTTP protocol, the value of: 0: off (default) 1: Turn Note If your site does not support HTTPS back to the source, open source HTTP return (default back to the source port is port 80) function key, can be realized by WAF HTTPS access.",
      "AllowedValues": [
        0,
        1
      ]
    },
    "Domain": {
      "Type": "String",
      "Description": "Domain name."
    },
    "SourceIps": {
      "Type": "String",
      "Description": "Source station IP, supports a plurality of specified IP. Example values: [ \"1.1.1.1\"]."
    },
    "InstanceId": {
      "Type": "String",
      "Description": "WAF instance ID. Description Interface You can view your current WAF instance ID by calling DescribePayInfo."
    },
    "Region": {
      "Type": "String",
      "Description": "Examples of areas where the WAF. Value: cn: said China mainland (default) cn-hongkong: overseas representation",
      "AllowedValues": [
        "cn",
        "cn-hongkong"
      ]
    },
    "HttpPort": {
      "Type": "String",
      "Description": "HTTP protocol configuration port. When specifying a plurality of HTTP port \",\" separated. Example values: [80]. Configure the HTTP protocol, this parameter is required. The default value is 80. HttpPort HttpsPort with at least two parameters need to fill a request."
    },
    "LoadBalancing": {
      "Type": "Number",
      "Description": "Back to the source load balancing policy values: 0: IP Hash way. 1: represents a polling mode.",
      "AllowedValues": [
        0,
        1
      ]
    },
    "HttpsPort": {
      "Type": "String",
      "Description": "HTTPS protocol configuration port. When specifying a plurality HTTPS port, using the \",\" separated. Example values: [443]. Configure the protocol is HTTPS, this parameter is required. The default value is 443. HttpPort HttpsPort with at least two parameters need to fill a request."
    },
    "RsType": {
      "Type": "Number",
      "Description": "Back to the source address type the domain name values: 0: back to the source to IP. 1: Indicates the domain name back to the source.",
      "AllowedValues": [
        0,
        1
      ]
    },
    "IsAccessProduct": {
      "Type": "Number",
      "Description": "The domain before WAF is configured with seven agents (eg, high defense, CDN, etc.), the value of: 0: none. 1: expressed.",
      "AllowedValues": [
        0,
        1
      ]
    },
    "HttpsRedirect": {
      "Type": "Number",
      "Description": "HTTPS is turned forcefully jump the argument: 0: off (default) 1: Turn Description required to complete the request parameters using only HTTPS access protocol. After opening force will show a jump HTTP request is HTTPS, a default jump to 443.",
      "AllowedValues": [
        0,
        1
      ]
    },
    "Protocols": {
      "Type": "String",
      "Description": "The domain supports access protocols, values: http: expressed support for the HTTP protocol. https: support for HTTPS protocol. http, https: supports HTTP, HTTPS protocol."
    }
  },
  "Outputs": {
    "ProtocolType": {
      "Description": "agreement type:0: indicates that the HTTP protocol is supported.1: indicates that the HTTPS protocol is supported.2: indicates that both HTTP and HTTPS protocols are supported.",
      "Value": {
        "Fn::GetAtt": [
          "DomainConfig",
          "ProtocolType"
        ]
      }
    },
    "Cname": {
      "Description": "CNAME assigned by WAF instance.",
      "Value": {
        "Fn::GetAtt": [
          "DomainConfig",
          "Cname"
        ]
      }
    }
  }
}

YAML格式

ROSTemplateFormatVersion: '2015-09-01'
Resources:
  DomainConfig:
    Type: ALIYUN::WAF::DomainConfig
    Properties:
      HttpToUserIp:
        Ref: HttpToUserIp
      Domain:
        Ref: Domain
      SourceIps:
        Ref: SourceIps
      InstanceId:
        Ref: InstanceId
      Region:
        Ref: Region
      HttpPort:
        Ref: HttpPort
      LoadBalancing:
        Ref: LoadBalancing
      HttpsPort:
        Ref: HttpsPort
      RsType:
        Ref: RsType
      IsAccessProduct:
        Ref: IsAccessProduct
      HttpsRedirect:
        Ref: HttpsRedirect
      Protocols:
        Ref: Protocols
Parameters:
  HttpToUserIp:
    Type: Number
    Description: 'Whether to open HTTPS access request is forwarded back to the source
      station via the HTTP protocol, the value of: 0: off (default) 1: Turn Note If
      your site does not support HTTPS back to the source, open source HTTP return
      (default back to the source port is port 80) function key, can be realized by
      WAF HTTPS access.'
    AllowedValues:
    - 0
    - 1
  Domain:
    Type: String
    Description: Domain name.
  SourceIps:
    Type: String
    Description: 'Source station IP, supports a plurality of specified IP. Example
      values: [ "1.1.1.1"].'
  InstanceId:
    Type: String
    Description: WAF instance ID. Description Interface You can view your current
      WAF instance ID by calling DescribePayInfo.
  Region:
    Type: String
    Description: 'Examples of areas where the WAF. Value: cn: said China mainland
      (default) cn-hongkong: overseas representation'
    AllowedValues:
    - cn
    - cn-hongkong
  HttpPort:
    Type: String
    Description: 'HTTP protocol configuration port. When specifying a plurality of
      HTTP port "," separated. Example values: [80]. Configure the HTTP protocol,
      this parameter is required. The default value is 80. HttpPort HttpsPort with
      at least two parameters need to fill a request.'
  LoadBalancing:
    Type: Number
    Description: 'Back to the source load balancing policy values: 0: IP Hash way.
      1: represents a polling mode.'
    AllowedValues:
    - 0
    - 1
  HttpsPort:
    Type: String
    Description: 'HTTPS protocol configuration port. When specifying a plurality HTTPS
      port, using the "," separated. Example values: [443]. Configure the protocol
      is HTTPS, this parameter is required. The default value is 443. HttpPort HttpsPort
      with at least two parameters need to fill a request.'
  RsType:
    Type: Number
    Description: 'Back to the source address type the domain name values: 0: back
      to the source to IP. 1: Indicates the domain name back to the source.'
    AllowedValues:
    - 0
    - 1
  IsAccessProduct:
    Type: Number
    Description: 'The domain before WAF is configured with seven agents (eg, high
      defense, CDN, etc.), the value of: 0: none. 1: expressed.'
    AllowedValues:
    - 0
    - 1
  HttpsRedirect:
    Type: Number
    Description: 'HTTPS is turned forcefully jump the argument: 0: off (default) 1:
      Turn Description required to complete the request parameters using only HTTPS
      access protocol. After opening force will show a jump HTTP request is HTTPS,
      a default jump to 443.'
    AllowedValues:
    - 0
    - 1
  Protocols:
    Type: String
    Description: 'The domain supports access protocols, values: http: expressed support
      for the HTTP protocol. https: support for HTTPS protocol. http, https: supports
      HTTP, HTTPS protocol.'
Outputs:
  ProtocolType:
    Description: 'agreement type:0: indicates that the HTTP protocol is supported.1:
      indicates that the HTTPS protocol is supported.2: indicates that both HTTP and
      HTTPS protocols are supported.'
    Value:
      Fn::GetAtt:
      - DomainConfig
      - ProtocolType
  Cname:
    Description: CNAME assigned by WAF instance.
    Value:
      Fn::GetAtt:
      - DomainConfig
      - Cname